About Nottingham City Council
Nottingham City Council is a major local authority responsible for delivering essential public services to residents and businesses across Nottingham. As part of its commitment to maintaining robust cyber security standards, the Council regularly undertakes security assessments to protect sensitive data and ensure compliance with government regulations.
The Business Challenge
As a member of the Government’s Public Services Network (PSN), Nottingham City Council is required to complete a comprehensive annual health check of its network security infrastructure. This process is critical for maintaining compliance and safeguarding public sector systems against evolving cyber threats. The Council follows a strict procurement policy, regularly rotating suppliers and issuing Requests for Quotation (RFQs) to a minimum of three providers for each new project. For this engagement, the Council needed a penetration testing partner that could deliver:
Technical excellence backed by industry accreditations. Competitive pricing to meet tight public sector budget constraints. Flexibility and responsiveness to fit around internal IT team schedules. A consultative approach that ensured clarity and collaboration throughout the process.
The Solution
CyberLab was invited to submit a proposal alongside two other penetration testing providers. The Council evaluated bids based on multiple criteria, including price, technical expertise, accreditations, and supplier fit. CyberLab stood out for its CREST accreditation, proven track record, and consultative approach. The team demonstrated flexibility during the scoping phase and worked closely with the Council to design an intensive two-week penetration testing programme that met all compliance requirements while accommodating the IT team’s operational commitments. The engagement included:
Detailed scoping and planning to align with PSN health check requirements. On-site and remote penetration testing to identify vulnerabilities across the network. Knowledge sharing with new IT security team members, ensuring they understood testing processes and mitigation strategies. Comprehensive reporting and executive presentation, providing clear interpretation of results and actionable recommendations.
“We needed to find a way to meet very tight budget constraints. Of the suppliers we spoke to, only CyberLab demonstrated what we felt was a genuine desire to engage with us to reach a workable solution for both parties. I’d recommend CyberLab not just for their expertise in the whole cyber security area, but for their personalised and professional approach.”
– Mark Smith, Server Support Manager
Nottingham City Council
The Outcome
CyberLab delivered the penetration testing programme on time and within budget, providing Nottingham City Council with:
A thorough security assessment that met PSN compliance standards. Actionable insights to strengthen network security and mitigate risks. Cost efficiency, with pricing significantly lower than competing bids. Enhanced internal capability, thanks to collaborative knowledge sharing during the testing process. The final report was presented to senior executives, complete with context, interpretation, and prioritised recommendations. This ensured that decision-makers had the clarity and confidence needed to address vulnerabilities and plan future security initiatives effectively.
Conclusion
By partnering with CyberLab, Nottingham City Council achieved a robust, cost-effective penetration testing programme that reinforced its cyber security posture and compliance obligations. CyberLab’s combination of technical expertise, flexibility, and consultative approach ensured a seamless experience from scoping to delivery. With this successful engagement, the Council is well-positioned to maintain strong defences against cyber threats and continue delivering secure, reliable services to the public.
Speak With an Expert
Enter your details and one of our experts will be in touch.
Whether you’re looking to implement basic cyber security best practice, improve your existing defences, or introduce a new system or solution, our team of expert consultants, engineers, and ethical hackers are here to help.
Our team specialise in creating bespoke security solutions and testing packages to improve and maintain your security posture.
We are 100% vendor agnostic and will only ever recommend the best products and solutions for your requirements.
